Wi-Fi Hotspots: Why security is a crucial element

Everybody likes free services. And when that comes to internet access, free is simply liberating—from expensive data bills to the ability to check important to mundane mails, news feeds, Tweets etc while on the go. Today Wi-Fi is penetrating and spreading more rapidly than any other service, via public access points or `hotspots’. Google in partnership with Indian Railways has an ambitious plan to provide Wi-Fi access at 400 railway stations. Airports, coffee shops, universities, malls and even cities offer public Wi-Fi. Naturally internet access from such hotspots is on the upswing.

Most users won’t mind checking mails, updating Facebook pictures or sending Whatsapp messages or catching up with IPL action on the go at a hotspot, but will hesitate to bank on public Wi-Fi. Even as ubiquity of Wi-Fi grows so will concerns about security. Has someone hacked into my Twitter account, will someone steal all my bank and credit card details if I access via a public hotspot? Or is there are greater probability of smartphone being compromised by a computer virus while surfing using public Wi-Fi?

Very genuine concerns indeed, as we get more people connected by the day. To understand how secure our lives on public hotspots are lets first understand what Wi-Fi is. It’s a wireless local area network (WLAN) technology that enables an electronic device like a smartphone or a laptop or a tablet to exchange data or connect to the internet using radio waves. The core technology behind Wi-Fi is a device called an access point, which acts as a bridge between the wired network and the Wi-Fi network. The access point, in turn typically connects to the internet via a network router and when in public place it becomes a hotspot. A vital resource that can help users hail cabs via apps, check out restaurants, watch news and videos, get alerts in case of an emergency and do lot more while they are on a roadside.

To ensure data and transactions carried out on hotspots are safe, Wi-Fi includes a set of protocols for user device authentication and data encryption. These protocols which reside both on access point, a hotspot in case of public Wi-Fi and the device, like a smartphone or a tablet, use a pre-defined passphrase or other form of unique identifier to authorize a user and encrypt data. This ensures that only a designated device can access the data. Wi-Fi Protected Access 2 (WPA2), by the Wi-Fi Alliance, a recommended security standard, uses a pre-shared key (PSK) in the form of a series of text letters to authenticate users and encrypt data.

Now hotspots allow many people within a specified area to tune into a specific radio transmission. So, everybody sitting at the airport or a Starbucks outlet can access Wi-Fi there to get online. The downside is that anyone in the area can access data not meant for them. Security can be breached in multiple ways that includes network sniffing, third party data gathering and malicious access points.

WPA2 encrypts each connection between a hotspot and a users’ device, but it keeps at bay only people who don’t know the PSK of the network. If an attacker sniffs and captures the PSK, he can decrypt traffic designated to a device until the PSK is changed. That’s network sniffing. More complicated the PSK (how long, use of symbols, different letter cases etc) can keep sniffers at bay.

Users should be wary of unusual data requests to access a hotspot—like reveal social identity, phone number or e-mail in exchange for a PIN to access internet. Ideally a simple request to access Wi-Fi, like name and room number in case of a hotel is more reliable than a Wi-Fi hotspot seeking multiple layers of information. Also, be aware of fake access points. When connecting via hotspots opt for networks you are familiar with—that could be a university, a popular café outlet, a reliable brand name and so on rather than any random unfamiliar network.

There’s always a risk when using a public service but you can be safe by taking simple precautions. Always confirm legitimacy of the Wi-Fi network. Go to sites that start with HTTPS, a more secure version of HTTP web protocol. Avoid installing new software using public Wi-Fi. A good way to ensure security while accessing internet via hotspots is to use a VPN (virtual private network). A VPN creates a tunnel between your device and a third-party server. All data that passes through this tunnel is encrypted and is hidden from both the Wi-Fi provider and anyone trying to compromise the network. Public Wi-Fi is a must have in the digital age to get more and more people online and reap benefit of internet. Ensuring easy and safe access will only increase users confidence in Wi-Fi hotspots.

DISCLAIMER: The views expressed are solely of the author and ETTelecom.com does not necessarily subscribe to it. ETTelecom.com shall not be responsible for any damage caused to any person/organisation directly or indirectly.

Nigel Eastwood is the chief executive officer of New Call Telecom in the UK and CEO of New Call India.He is a Director at the East Lancashire Chamber of Commerce. As the founder of New Call Telecom, he has been instrumental in growing and shaping the business significantly in the last four years.

Nigel Eastwood is the chief executive officer of New Call Telecom in the UK and CEO of New Call India.He is a Director at the East Lancashire Chamber of Commerce. As the founder Show more.. of New Call Telecom, he has been instrumental in growing and shaping the business significantly in the last four years.